<?php
/**
 * Author Yulin
 * Email  dwzhanglong@126.com
 * Date   2017-7-21
 * Func   个人信息
 */
defined('IN_YuLin') || exit('NO PERMIT!');
$seo['title'] = '大众彩票-修改安全码';
$pageTitle    = '修改安全码';
$navTag       = 'member';
$page         = 'member/verifysafe';
$error        = '';

$userTab      = Table('user');

UserLogin();
$userInfo     = $_user;
if (IS_POST){
    $operation = NoBadStr($_POST['operation']);
    switch ($operation){
        case 'checksafe':
            $safePass            = NoBadStr($_POST['password']);
            if ($safePass != $userInfo['safepwd']){
                $error           = '原密码输入错误';
            }else{
                $pageTitle    = '修改安全码';
                // 输入原密码正确，进入修改密码界面
                $page                = 'member/resetsafe';
            }
            break;
        case 'resetsafe':
            $newsafe = NoBadStr($_POST['password']);
            $sql     = 'UPDATE ' . $userTab . ' SET safepwd = "' . $newsafe . '" WHERE id = ' . $_uid;
            $flag    = $db->exec($sql);
            if ($flag){
                $redirect = U('member/security');
                header('Location:' . $redirect);
            }
            $error   = '操作失败，请重试';
            $page    = 'member/resetsafe';
            break;
        default:
            break;
    }
    $tpl->display($page);
    die();
}

$tpl->display($page);